Merge branch 'feature/bluedroid_min_encr_key_size_backport_v3.1' into 'release/v3.1'

BT/Bluedroid : Add support to set min encryption key requirement (Backport v3.1)

See merge request espressif/esp-idf!6258
This commit is contained in:
Jiang Jiang Jian 2019-10-09 16:15:47 +08:00
commit 35f3554109
6 changed files with 53 additions and 3 deletions

View File

@ -263,13 +263,23 @@ typedef enum {
typedef enum {
ESP_BLE_SM_PASSKEY = 0,
/* Authentication requirements of local device */
ESP_BLE_SM_AUTHEN_REQ_MODE,
/* The IO capability of local device */
ESP_BLE_SM_IOCAP_MODE,
/* Initiator Key Distribution/Generation */
ESP_BLE_SM_SET_INIT_KEY,
/* Responder Key Distribution/Generation */
ESP_BLE_SM_SET_RSP_KEY,
/* Maximum Encryption key size to support */
ESP_BLE_SM_MAX_KEY_SIZE,
/* Minimum Encryption key size requirement from Peer */
ESP_BLE_SM_MIN_KEY_SIZE,
/* Set static Passkey */
ESP_BLE_SM_SET_STATIC_PASSKEY,
/* Reset static Passkey */
ESP_BLE_SM_CLEAR_STATIC_PASSKEY,
/* Accept only specified SMP Authentication requirement */
ESP_BLE_SM_ONLY_ACCEPT_SPECIFIED_SEC_AUTH,
ESP_BLE_SM_MAX_PARAM,
} esp_ble_sm_param_t;

View File

@ -45,6 +45,7 @@ tBTE_APPL_CFG bte_appl_cfg = {
BTM_BLE_INITIATOR_KEY_SIZE,
BTM_BLE_RESPONDER_KEY_SIZE,
BTM_BLE_MAX_KEY_SIZE,
BTM_BLE_MIN_KEY_SIZE,
BTM_BLE_ONLY_ACCEPT_SPECIFIED_SEC_AUTH_DISABLE
};
#endif
@ -361,7 +362,7 @@ void bta_dm_co_ble_set_rsp_key_req(UINT8 rsp_key)
void bta_dm_co_ble_set_max_key_size(UINT8 ble_key_size)
{
#if (SMP_INCLUDED == TRUE)
if(ble_key_size >= BTM_BLE_MIN_KEY_SIZE && ble_key_size <= BTM_BLE_MAX_KEY_SIZE) {
if(ble_key_size >= bte_appl_cfg.ble_min_key_size && ble_key_size <= BTM_BLE_MAX_KEY_SIZE) {
bte_appl_cfg.ble_max_key_size = ble_key_size;
} else {
APPL_TRACE_ERROR("%s error:Invalid key size value, key_size =%d",__func__, ble_key_size);
@ -369,6 +370,17 @@ void bta_dm_co_ble_set_max_key_size(UINT8 ble_key_size)
#endif ///SMP_INCLUDED == TRUE
}
void bta_dm_co_ble_set_min_key_size(UINT8 ble_key_size)
{
#if (SMP_INCLUDED == TRUE)
if(ble_key_size >= BTM_BLE_MIN_KEY_SIZE && ble_key_size <= bte_appl_cfg.ble_max_key_size) {
bte_appl_cfg.ble_min_key_size = ble_key_size;
} else {
APPL_TRACE_ERROR("%s error:Invalid key size value, key_size =%d",__func__, ble_key_size);
}
#endif ///SMP_INCLUDED == TRUE
}
void bta_dm_co_ble_set_accept_auth_enable(UINT8 enable)
{
#if (SMP_INCLUDED == TRUE)

View File

@ -191,6 +191,8 @@ extern void bta_dm_co_ble_set_rsp_key_req(UINT8 rsp_key);
extern void bta_dm_co_ble_set_max_key_size(UINT8 ble_key_size);
extern void bta_dm_co_ble_set_min_key_size(UINT8 ble_key_size);
extern void bta_dm_co_ble_set_accept_auth_enable(UINT8 enable);
extern UINT8 bta_dm_co_ble_get_accept_auth_enable(void);

View File

@ -1123,6 +1123,12 @@ void btc_gap_ble_call_handler(btc_msg_t *msg)
bta_dm_co_ble_set_max_key_size(key_size);
break;
}
case ESP_BLE_SM_MIN_KEY_SIZE: {
uint8_t key_size = 0;
STREAM_TO_UINT8(key_size, value);
bta_dm_co_ble_set_min_key_size(key_size);
break;
}
case ESP_BLE_SM_SET_STATIC_PASSKEY: {
uint32_t passkey = 0;
for(uint8_t i = 0; i < arg->set_security_param.len; i++)

View File

@ -31,6 +31,7 @@ typedef struct {
UINT8 ble_init_key;
UINT8 ble_resp_key;
UINT8 ble_max_key_size;
UINT8 ble_min_key_size;
UINT8 ble_accept_auth_enable;
#endif
} tBTE_APPL_CFG;

View File

@ -36,6 +36,7 @@
#include "smp_int.h"
#include "device/controller.h"
#include "btm_int.h"
#include "common/bte_appl.h"
#define SMP_PAIRING_REQ_SIZE 7
#define SMP_CONFIRM_CMD_SIZE (BT_OCTET16_LEN + 1)
@ -1111,9 +1112,27 @@ BOOLEAN smp_pairing_request_response_parameters_are_valid(tSMP_CB *p_cb)
return FALSE;
}
if ((enc_size < SMP_ENCR_KEY_SIZE_MIN) || (enc_size > SMP_ENCR_KEY_SIZE_MAX)) {
/* `bte_appl_cfg.ble_min_enc_key_size` will be `SMP_ENCR_KEY_SIZE_MIN` by
* default if not set explicitly */
#if (BLE_INCLUDED == TRUE)
if (enc_size < bte_appl_cfg.ble_min_key_size) {
SMP_TRACE_WARNING("Rcvd from the peer cmd 0x%02x with Maximum Encryption \
Key value (0x%02x) out of range).\n",
Key value (0x%02x) less than minimum required key size).\n",
p_cb->rcvd_cmd_code, enc_size);
return FALSE;
}
#else
if (enc_size < SMP_ENCR_KEY_SIZE_MIN) {
SMP_TRACE_WARNING("Rcvd from the peer cmd 0x%02x with Maximum Encryption \
Key value (0x%02x) less than minimum required key size).\n",
p_cb->rcvd_cmd_code, enc_size);
return FALSE;
}
#endif
if (enc_size > SMP_ENCR_KEY_SIZE_MAX) {
SMP_TRACE_WARNING("Rcvd from the peer cmd 0x%02x with Maximum Encryption \
Key value (0x%02x) greater than supported by stack).\n",
p_cb->rcvd_cmd_code, enc_size);
return FALSE;
}